The second time in six weeks, Microsoft confirmed today that hackers are taking advantage of a flaw has not been amended in the DirectX, this time the attack is on Internet Explorer (IE).

The company's security team issued a consultation, about 13 o'clock the report of Su-recognition, the attacks in the wild, and to provide more information, who is the vulnerable groups.

Earlier today, security researchers announced in Denmark, thousands of legitimate Web site of the hacker attacks over the weekend in attacks on IE users to drive and use a key vulnerability in Windows' DirectShow, and part of DirectX.

"A browser and access to state the existence of the attack vector," Chu-yun, Microsoft Security Response Center said the design team, in a blog post this afternoon. "Users need to attract browsers to a malicious Web site or undermine the legitimate sites affected by [but] there is no further user interaction is necessary."

Users of IE6 and IE7 running in Windows XP and Windows Server 2003 are vulnerable to motor vehicles in the bays of the attack, Microsoft said. Vista and Server 2008 is not in danger, but people are not running IE8, Microsoft's latest browser. Although Microsoft promised to fix the error, the company's spokesman declined to say whether this patch will be ready in July 14, in the next regular security updates from time to time of day.

In order to protect the PC at risk during this period, the company urged users to set up 45 "delete-bit" in the flawed ActiveX control contains vulnerability. The ActiveX control, Microsoft admits that they do not intend to use the IE browser. "We recognize that there is no object to host the ActiveX control is designed to msvidctl.dll in IE, said," Chu. "Therefore, we propose to kill all of these places to control the practice as a defense in depth. Side effects of very small."

Set of ActiveX kill bit can be dangerous, because it involved the amendment of Windows registry. "If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system," Microsoft in its advisory. "Use Registry Editor at your own risk."

Easier way to set the kill bit is a custom in the running of the automated tools can be downloaded Microsoft's production. The company offers a similar tool, as an alternative to other DirectShow error admitted in late May of this new tool from Microsoft's support site.

Earlier report credited to the Danish computer security company Group species publicity DirectShow vulnerability. In fact, the Chinese security forum, and antivirus software companies, including Jinshan, is the first document of the bug. Users running a non-Microsoft browser such as Mozilla's Firefox or Google Chrome, it is safe from attack.